Features/rngd default on

From FedoraProject

Comments and Explanations The page source contains comments providing guidance to fill out each section. They are invisible when viewing this page. To read it, choose the "edit" link.Copy the source to a new page before making changes! DO NOT EDIT THIS TEMPLATE FOR YOUR FEATURE.

Set a Page WatchMake sure you click watch on your new page so that you are notified of changes to it by others, including the Feature Wrangler

All sections of this template are required for review by FESCo. If any sections are empty it will not be reviewed

Owner

Current status

Detailed Description

Linux generally relies on extracting entropy from noise in the compute
environment for users of random numbers. However, in several critical
compute environments entropic noise is notoriously scarce: servers,
embedded systems, and virtual machines.

Some platforms provide a hardware random number generator, or they
have a Trusted Platform Module (TPM); in particular KVM provides the
rng-virtio interface to guests. Furthermore, rngd can make direct use
of an architectural random number generator (currently it supports the
x86 RDRAND instruction available in newer Intel processors.)

Lack of entropy is both a performance and a security problem. In the
worst case it can result in duplicate key generations, as was recently
discovered on Linux systems in the field.

There has been a number of functionality problems with rngd in the
past, however, these should hopefully be eliminated in the just
released version 4. Furthermore, if there are functionality problems
remaining they should be reported upstream so they can be fixed,
rather than leaving the daemon disabled with all the security hazards
that entail.

In particular:

- rngd should be turned on by default.
- rngd should be started as early as possible.

Note that when using TPM, rngd currently conflicts with tcsd from
TrouSerS. The solution to that is a kernel module which is probably
going to be merged upstream in the 3.7 kernel, as it unfortunately
missed the 3.6 merge window; however, it is a small patchset and it
can be trivially backported. It should be in James Morris'
linux-security git tree shortly; otherwise search for Kent Yoder on
LKML.

Benefit to Fedora

Kernel random number generator has plenty of entropy on servers, virtual machines and other platforms.

Scope

1. Update rng-tools to version 4 (done).
2. Get rng-tools added to core list of packages.

How To Test

Run random-intensive tests such as certificate / key generation.

User Experience

Invisible, or, better kernel random entropy.

Dependencies

None

Contingency Plan

None necessary

Documentation

See above extended description.

Release Notes

Additional entropy is available for kernel random number generator users, particular for setups with low entropy such as servers or virtual machines.